24556fa4606095d0f75d35aa7a49cbbf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24556fa4606095d0f75d35aa7a49cbbf_JaffaCakes118
Size

24KB
MD5

24556fa4606095d0f75d35aa7a49cbbf
SHA1

5426fef8f381c2b1f1690ca0f5b160d352b2793c
SHA256

daa44fda85e1d19e16f6b058df21626f1be6d7092519c9a870c1aaf6f51c845b
SHA512

d73ecca163b59722995c4a0623bce8073a627366fd52e3adc0204ee10bacd1a5a699acc0afeac3d71d21a436883cbaa75345db2b30273a88a9af8c16bc14cd11
SSDEEP

192:rmmJ26jWazJz2USXz4Swho0aAjR7FUeceUpcxwFF5FGoK8/tqHxf:r/5K4aFDKTaAjRYpc0rG+sxf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24556fa4606095d0f75d35aa7a49cbbf_JaffaCakes118

Files

24556fa4606095d0f75d35aa7a49cbbf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\portal\1867251a\5b1d9c99\App_Web_stehdr.ascx.68399747.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ